I found details in the Kubernetes slack announcement channel:
- The Product Security Committee has posted a security advisory for kubelet that could allow a user to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. This issue has been rated High and assigned CVE-2021-25741. Please see CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access · Issue #104980 · kubernetes/kubernetes · GitHub for more details.
- The Product Security Committee has posted a security advisory for kube-apiserver where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs. This issue has been rated Medium and assigned CVE-2020-8561. Please see CVE-2020-8561: Webhook redirect in kube-apiserver · Issue #104720 · kubernetes/kubernetes · GitHub for more details.
- The Security Response Committee has posted a security advisory for ingress-nginx where use of custom snippets could allow retrieval of ingress-nginx serviceaccount token and secrets across all namespaces. This issue has been rated High and assigned CVE-2021-25742. Please see CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces · Issue #7837 · kubernetes/ingress-nginx · GitHub for more details.